top of page

Privacy Policy

Last Updated on 17 February 2026

Introduction 

Orvellei (“Orvellei”, “we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data with care, transparency, and integrity. This Privacy Policy explains in detail how we collect, use, store, safeguard, and disclose your personal data when you:

  • Visit our website;

  • Purchase any of our digital products, including the Orvellei Framework Suite;

  • Subscribe to our emails or communications;

  • Contact us directly;

  • Interact with our marketing, content, or services.

 

We process personal data in accordance with:

  • The UK General Data Protection Regulation;

  • The Data Protection Act 2018.

We are committed to processing personal data lawfully, fairly, and transparently. By using our website or purchasing our Products, you acknowledge that you have read and understood this Privacy Policy.

Data Controller

Orvellei is the data controller responsible for determining how and why your personal data is processed. As the data controller, we are responsible for ensuring that personal data is handled in accordance with applicable data protection laws.

Contact Details

London, United Kingdom

Email: hello@orvellei.com

If you have any questions about this Privacy Policy or how your personal data is handled, you may contact us using the details above.

Information We Collect

We collect only personal data that is necessary and proportionate for operating our business, delivering Products, and fulfilling contractual and legal obligations.

Identity and Contact Data

This may include:

  • Full name

  • Email address

  • Billing address

  • Business name (where applicable)

  • Records of correspondence with us

This information is required to process purchases, provide access to Products, and communicate with you.

 

Financial and Transaction Data

This may include:

  • Payment confirmation details

  • Transaction records

  • Purchase history

  • Payment plan status

We do not store full credit or debit card details. Payments are processed securely by third-party payment providers who are responsible for handling payment information in accordance with applicable security standards.

 

Technical Data

When you access our website, we may automatically collect certain technical information, including:

  • IP address

  • Browser type and version

  • Device type

  • Operating system

  • Time zone setting

  • Basic usage data relating to website access

This information is used to maintain security, monitor performance, and improve service reliability.

Marketing and Communications Data

This may include:

  • Email subscription status

  • Marketing preferences

  • Records of consent

  • Communication history

  • Engagement with emails or promotional materials

We maintain records of consent where required by law.

How We Collect Your Data

We collect personal data directly from you when you:

  • Purchase a Product;

  • Enter into a payment plan;

  • Subscribe to our mailing list;

  • Download resources;

  • Contact us via email or website form;

  • Interact with our marketing communications.

We do not request or collect personal data that is not reasonably necessary for contractual, operational, or legal purposes.

Lawful Basis of Processing

Under the UK GDPR, we process personal data on the following lawful bases:

Contractual Necessity

To perform our obligations when you purchase a Product, including delivery of digital content, payment processing, and customer support.

 

Legal Obligation

To comply with applicable legal requirements, including tax, accounting, and regulatory obligations.

 

Legitimate Interests

Where processing is necessary for our legitimate business interests, including:

  • Operating and improving our website;

  • Protecting against fraud or misuse;

  • Enforcing our contractual rights;

  • Maintaining business records;

  • Ensuring platform security.

We ensure that such processing does not override your rights and freedoms.

 

Consent

Where required for marketing communications or similar activities.

You may withdraw consent at any time. Withdrawal does not affect the lawfulness of prior processing.

How We Use Your Information

We use personal data in a structured and proportionate manner to:

  • Process payments and deliver digital Products;

  • Provide customer support and respond to enquiries;

  • Administer payment plans and subscriptions;

  • Send transactional communications (including confirmations and service notices);

  • Send marketing communications where you have opted in;

  • Maintain accurate business records;

  • Detect and prevent fraud, misuse, or unlawful activity;

  • Comply with legal and regulatory obligations;

  • Protect our contractual and intellectual property rights.

We do not sell, trade, or rent personal data to third parties.

Data Sharing

We may share personal data with carefully selected third parties where necessary to operate our business, including:

  • Payment processors;

  • Website hosting providers;

  • Email marketing service providers;

  • IT service providers;

  • Professional advisers (legal, tax, accounting).

All third-party providers are required to process personal data securely and in accordance with applicable data protection laws. We may also disclose personal data where required by law, regulation, court order, or lawful authority.

International Transfers

If personal data is processed outside the United Kingdom by a service provider, we ensure appropriate safeguards are in place, including:

  • UK adequacy regulations;

  • International Data Transfer Agreements (IDTAs);

  • Approved Standard Contractual Clauses.

These measures are designed to ensure that personal data receives a level of protection consistent with UK data protection standards.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

  • Delivering Products and managing subscriptions;

  • Maintaining business and accounting records;

  • Complying with legal obligations;

  • Resolving disputes;

  • Enforcing agreements.

Financial and transactional records may be retained for up to seven years to comply with tax and accounting requirements. When personal data is no longer required, it is securely deleted or anonymised.

Permitted Use Your Rights Under UK GDPR

Under the UK GDPR, you have the right to:

  • Request access to your personal data;

  • Request correction of inaccurate or incomplete data;

  • Request erasure in certain circumstances;

  • Request restriction of processing;

  • Object to processing based on legitimate interests;

  • Request data portability;

  • Withdraw consent where processing is based on consent.

To exercise your rights, please contact hello@orvellei.com.

 

We may request verification of identity before responding to any request to ensure data security.

If you believe your personal data has been processed unlawfully, you have the right to lodge a complaint with the UK supervisory authority:

Information Commissioner’s Office

Marketing Communications

Where you have opted in to receive marketing communications from Orvellei:

  • We may send emails relating to Products, updates, launches, educational content, and promotional offers;

  • We will only send marketing communications where permitted by law;

  • You may unsubscribe at any time using the link provided in marketing emails;

  • You may also request removal by contacting us directly.

Unsubscribing from marketing communications does not affect transactional or service-related communications, including purchase confirmations, payment notices, or account-related updates. We maintain records of consent and unsubscribe requests to ensure compliance with applicable regulations.

Data Security

We implement appropriate technical and organisational safeguards designed to protect personal data against:

  • Unauthorised access;

  • Accidental loss;

  • Destruction or damage;

  • Alteration;

  • Unlawful disclosure.

Access to personal data is restricted to those who have a legitimate business need to know. While we take reasonable precautions to protect personal data, no method of electronic transmission or storage is entirely secure.

Children

Our website and Products are intended for individuals aged 18 or over. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that such data has been collected, we will take reasonable steps to delete it.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, regulatory, or operational changes. Any updates will be published on this page with a revised “Last Updated” date. Continued use of our website after publication of changes constitutes acknowledgement of the updated Privacy Policy.

Contact

If you have any questions regarding this Privacy Policy or how your personal data is handled, please contact:

hello@orvellei.com

bottom of page